ssh public key authorisation failure

  • Hi,


    I'm running omv on an odroid HC2 (installed from the omv image on sourceforge). I've been trying to get public key authorisation working (following the procedure in the guide). I have succesfully achieved this on a "standard" omv install (i.e. not arm). The issue I have with the odroid install is that I continue to get "Permission denied (publickey)" errors when attempting to connect (ssh ssh-access-user@192.168.0.44 -i ~/.ssh/sshremote) . Please note if I enable keyboard interaction then I can login by supplying the password - ssh itself is not an issue, just public key access (and the public key placed on omv is always in rfc4716 format)


    So far, as I have this working on another server I have compared:
    - cat /var/lib/openmediavault/ssh/authorized_keys/ssh-access-user - exactly the same (I transferred the file and did a diff as well as visual inspection)
    - cat /etc/ssh/sshd_config - exactly the same (as are the settings in the webui that influence this file
    - the "user" section on the web ui has the same settings (i.e. user is in an rbash environment (also tried bash), groups are "ssh" and "users"
    - systemctl list-unit-files | grep ssh output is consistent between the servers
    - systemctl status theservicesabove all report similar


    At this point I hit google and didn't find anything pertinent to the situation, however, I was inspired to try setting up a home directory for the user so I could try ssh-copy-id, which I did using ssh-copy-id -i ~/.ssh/sshremote.pub ssh-access-user@192.168.0.44 (sshremote.pub being in rfc4716 format).


    This worked.


    Problem solved. Well, more of a workaround. I still don't know why the original method didn't work or what further debugging I can do to get to the root of the issue, (I did try reordering the authorized_keys file location in sshd_config so the omv location was first - which made no difference).


    Any help would be appreciated


    Kind regards


    Rob

  • ok, done some more digging. Looked at the log and found:


    [sshd 8693]: Authentication refused: bad ownership or modes for directory /


    i.e. my root directory was wide open!!!! errg, which led me to this thread: ssh with public key - bad ownership or modes for directory




    a simple chmod 755 on / solved the problem. It looks like there is an issue therefore with the OMV_4_Odroid_XU4_HC1_HC2.img.xz image, from the forum thread I think this is wrapped up in: https://github.com/armbian/build/issues/1098 and any new images won't have this problem

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!